A hardware security module, or HSM, is a dedicated, standards-compliant cryptographic appliance designed to protect sensitive data in transit, in use, and at rest through the use of physical security measures, logical security controls, and strong encryption.

What HSMs Do

An HSM’s core functionality is centered around encryption: the process by which sensitive data is rendered indecipherable to all except authorized recipients. HSMs also offer a secure way to decrypt data to ensure message confidentiality and authenticity.

Encryption is made possible through the use of encryption keys—randomly generated values that must be kept secret in order to protect the encrypted data. Because knowledge of the encryption key aids in decrypting information, it is vital that these keys are secured in a private environment.

Hardware security modules generate and store the keys used for encrypted communication among devices within a Secure Cryptographic Device (SCD), which is a far more secure method than solely using software. When information is sent to the HSM via a trusted connection, the HSM allows for the quick and safe encryption or decryption of that information using the appropriate key.

Features

Security

Security is the foundation of any HSM, given the importance of protecting the data it holds. Futurex HSMs have physical and logical security features such as a difficult-to-replicate hardware design, tamper wires that instantly zeroize data if triggered, permission-based access controls, enforcement of dual control principles, and the ability to block unused functions.

Compliance

Regulatory compliance is a nonnegotiable requirement in many environments. Futurex HSMs adhere to all major industry standards, including FIPS 140-2 Level 3 and PCI HSM. In addition to meeting current standards, Futurex is committed to supporting emerging standards and requirements.

Transaction Processing Speed

How fast an HSM can process requests for data encryption or decryption is often a primary concern for organizations. Futurex HSMs have the fastest TPS ratings in the industry, with scalability options that ensure organizations will have the speed they need both now and in the future.

Scalability

The scalability of Futurex’s HSMs is far reaching, with the ability to easily increase TPS ratings, processing power, or storage capacity. This flexibility ensures that your cryptographic infrastructure will never become a bottleneck as organizational transaction volume grows.

Extensibility

The role played by hardware encryption solutions in the data security sector is dramatically increasing. It's important to consider potential future uses for this technology and what types of data may need to be secured by hardware in the future. Futurex’s platform offers the ability to regularly expand functionality via firmware or application upgrades.

Disaster Recovery

What measures are in place to ensure continued performance and security in the event of disaster or loss of connectivity? Multiple, redundant power supplies and Ethernet ports within Futurex HSMs maintain functionality in the event that one of either source should fail.

Futurex HSMs also have the added ability of being spread across multiple locations and managed as a group, synchronizing and load balancing all the units to maintain network functionality even if an entire data center were to lose connectivity.

Remote Management

Maintaining redundancy and disaster recovery capabilities by using geographically dispersed backup HSMs can be critical to fulfilling operational goals, but managing this infrastructure can be costly and time-consuming. Futurex’s remote access technology can completely eliminate the need to travel to visit these locations, reducing costs and increasing access speed.

Futurex’s hardware-based remote access devices use encrypted connections to the HSM network to maintain security in all configuration and remote key loading processes.

Host Application Compatibility

Futurex HSMs maintain compatibility with a wide range of host applications. The Futurex API is robust, easy-to-understand, flexible, and can be enhanced and modified over time without making substantial changes to the host application. Additionally, the Futurex API includes user-centric features to assist programmers and support personnel with development, testing, and debugging.